diff options
| author | alm <alm@FreeBSD.org> | 1993-07-27 02:54:46 +0000 |
|---|---|---|
| committer | alm <alm@FreeBSD.org> | 1993-07-27 02:54:46 +0000 |
| commit | 1b525955605eec0dd3e7c102a00cb6ac0d27d906 (patch) | |
| tree | 92d3a9b92023561435c0eceaf31ef4ea580894de /gnu/usr.bin/man | |
| parent | e341b8ec68ac10caa03f5e499ab6b7e95aae7cd4 (diff) | |
| download | FreeBSD-src-1b525955605eec0dd3e7c102a00cb6ac0d27d906.zip FreeBSD-src-1b525955605eec0dd3e7c102a00cb6ac0d27d906.tar.gz | |
Added setreuid() calls so that shell escapes work.
The effective ID's need to be set to the real ID's before invoking
a shell for security reasons.
Diffstat (limited to 'gnu/usr.bin/man')
| -rw-r--r-- | gnu/usr.bin/man/man/Makefile | 3 | ||||
| -rw-r--r-- | gnu/usr.bin/man/man/man.c | 38 |
2 files changed, 40 insertions, 1 deletions
diff --git a/gnu/usr.bin/man/man/Makefile b/gnu/usr.bin/man/man/Makefile index 0525723..a9083b4 100644 --- a/gnu/usr.bin/man/man/Makefile +++ b/gnu/usr.bin/man/man/Makefile @@ -16,7 +16,8 @@ MAN1= ${.CURDIR}/man.1 .endif DPADD+= ${MAN1} -CFLAGS+= -I${.CURDIR}/../lib -DSTDC_HEADERS -DPOSIX -DHAS_TROFF -DDO_UNCOMPRESS -DALT_SYSTEMS +CFLAGS+= -I${.CURDIR}/../lib -DSTDC_HEADERS -DPOSIX -DHAS_TROFF +CFLAGS+= -DDO_UNCOMPRESS -DALT_SYSTEMS -DSETREUID -DCATMODE=664 CLEANFILES+= ${MAN1} ${MAN1}: ${.CURDIR}/man.man diff --git a/gnu/usr.bin/man/man/man.c b/gnu/usr.bin/man/man/man.c index e8026f6..3b6e2bf 100644 --- a/gnu/usr.bin/man/man/man.c +++ b/gnu/usr.bin/man/man/man.c @@ -16,6 +16,7 @@ #define MAN_MAIN +#include <sys/types.h> #include <stdio.h> #include <ctype.h> #include <string.h> @@ -104,6 +105,13 @@ static char args[] = "M:P:S:adfhkp:w?"; #endif #endif +#ifdef SETREUID +uid_t ruid; +uid_t euid; +uid_t rgid; +uid_t egid; +#endif + int main (argc, argv) int argc; @@ -138,6 +146,15 @@ main (argc, argv) gripe_no_name (tmp); } +#ifdef SETREUID + ruid = getuid(); + rgid = getgid(); + euid = geteuid(); + egid = getegid(); + setreuid(-1, ruid); + setregid(-1, rgid); +#endif + while (optind < argc) { nextarg = argv[optind++]; @@ -1136,7 +1153,28 @@ format_and_display (path, man_file, cat_file) } else { + +#ifdef SETREUID + setreuid(-1, euid); + setregid(-1, egid); +#endif + found = make_cat_file (path, man_file, cat_file); + +#ifdef SETREUID + setreuid(-1, ruid); + setregid(-1, rgid); + + if (!found) + { + /* Try again as real user - see note below. + By running with + effective group (user) ID == real group (user) ID + except for the call above, I believe the problems + of reading private man pages is avoided. */ + found = make_cat_file (path, man_file, cat_file); + } +#endif #ifdef SECURE_MAN_UID if (!found) { |
